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In the Claims: 

1. (Original) A system for managing a plurality of data protection rules, 
comprising: 

a processor; 

a database coupled to the processor, the database operable to receive and store the 
data protection rules and to receive and store a plurality of permissions generated by a 
data owner; 

a memory coupled to the processor; 

an authorization management tool residing in the memory and executable by the 
processor, the authorization management tool operable to: 

accept a query from a data requester, the query related to a particular set of data; 

access the database to validate that a permission exists for the data requester; 

access the data protection rules in the database to validate that the particular set of 
data may be accessed by the data requester; and 

generate a response to the query. 

2. (Original) The system of Claim 1, wherein the authorization management 
tool is further operable to store identifying information about the data requester in the 
database. 

3. (Original) The system of Claim 1, wherein the authorization management 
tool is further operable to store a query result in the database, the query result related to 
whether the response was generated. 

4. (Original) The system of Claim 1, further comprising a user acceptance 
tool residing in the memory and executable by the processor, the user acceptance tool 
operable to: 

query a user about a user preference with respect to the data protection rules; 

accept the user preference; and 

store the user preference in the database. 
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5. (Currently amended) The system of Claim 4, wherein the authorization 
management tool is further operable to access the one or more user preferences in the 
database to validate that the particular set of data may be accessed by the data requester. 

6. (Original) The system of Claim 1, further comprising a state change tool 
residing in the memory and executable by the processor, the state change tool operable 
to: 

receive a state change of an entity; 

compare the state change to the data protection rules stored in the database; 
determine whether the state change complies with the data protection rules; and 
update the database with the state change. 

7. (Original) The system of Claim 6, wherein the entity is a user and the state 
change tool is further operable to: 

query the user about a user preference with respect to the data protection rules; 

accept the user preference; and 

store the user preference in the database. 

8. (Currently amended) The system of Claim 7, wherein the authorization 
management tool is further operable to access the one or more user preferences in the 
database to validate that the particular set of data may be accessed by the data requester. 



9. (Original) The system of Claim 1 , wherein the authorization management 
tool is further operable to access one or more corporate policies in the database to 
validate that the particular set of data may be accessed by the data requester. 
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10. (Original) A computerized method for managing a plurality of data 
protection rules, comprising: 

receiving and storing the data protection rules in a database; 

receiving and storing a plurality of permissions generated by a data owner in the 
database; 

accepting a query from a data requester, the query related to a particular set of 

data; 

accessing the database to validate that a permission exists for the data requester; 
accessing the database to validate that the particular set of data may be accessed 
by the data requester; and 

generating a response to the query. 

1 1 . (Original) The computerized method of Claim 1 0, further comprising 
storing identifying information about the data requester in the database. 

12. (Original) The computerized method of Claim 10, further comprising 
storing a query result in the database, the query result related to whether the response was 
generated. 

13. (Original) The computerized method of Claim 1 0, further comprising: 
querying a user about a user preference with respect to the data protection rules; 
accepting the user preference; and 

storing the user preference in the database. 



14. (Currently amended) The computerized method of Claim 13, further 
comprising accessing the one or more user preferences in the database to validate that the 
particular set of data may be accessed by the data requester. 
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15. (Original) The computerized method of Claim 10, further comprising: 
receiving a state change of an entity; 

comparing the state change to the data protection rules stored in the database; 
determining whether the state change complies with the data protection rules; and 
updating the database with the state change. 

16. (Original) The computerized method of Claim 15, further comprising: 
querying the user about a user preference with respect to the data protection rules; 
accepting the user preference; and 

storing the user preference in the database. 

17. (Currently amended) The computerized method of Claim 16, further 
comprising accessing the one or more user preferences in the database to validate that the 
particular set of data may be accessed by the data requester. 

18. (Original) The computerized method of Claim 10, further comprising 
accessing one or more corporate policies stored in the database to validate that the 
particular set of data may be accessed by the data requester. 

19. (Withdrawn) A system for managing a plurality of data protection rules, 
comprising: 

a processor; 

a database coupled to the processor, the database operable to receive and store the 
data protection rules and a plurality of corporate policies; 
a memory coupled to the processor; 

a user acceptance tool residing in the memory and executable by the processor, 
the user acceptance tool operable to: 

query a user about a user preference with respect to one or more data protection 
rules stored in the database; 

accept the user preference; and 

store the user preference in the database. 
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20. (Withdrawn) The system of Claim 19, wherein the user acceptance tool is 
further operable to: 

query a user about one or more corporate policies; and 

accept an acknowledgement from the user, the acknowledgement indicating that 
the user has agreed to the corporate policies. 

21. (Withdrawn) The system of Claim 20, wherein the user acceptance tool is 
further operable to send the acknowledgement to a security system database. 

22. (Withdrawn) The system of Claim 19, further comprising an authorization 
management tool residing in the memory and executable by the processor, the 
authorization management tool operable to: 

accept a query from a data requester, the query related to a particular set of data; 

access the database to validate that a permission exists for the data requester; 

access the data protection rules, the corporate policies, and the user preferences in 
the database to validate that the particular set of data may be accessed by the data 
requester; and 

generate a response to the query. 

23. (Withdrawn) The system of Claim 22, wherein the authorization 
management tool is further operable to store identifying information about the data 
requester in the database. 



24. (Withdrawn) The system of Claim 22, wherein the authorization 
management tool is further operable to store a query result in the database, the query 
result related to whether the response was generated. 
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25. (Withdrawn) The system of Claim 19, further comprising a state change 
tool residing in the memory and executable by the processor, the state change tool 
operable to: 

receive a state change of the user; 

compare the state change to the data protection rules, the corporate policies, and 
the user preferences stored in the database; 

determine whether the state change complies with the data protection rules, the 
corporate policies, and the user preferences; and 

update the database with the state change. 

26. (Withdrawn) The system of Claim 25, wherein the state change tool is 
further operable to: 

query, based on the state change, the user about a new user preference with 
respect to the data protection rules; 

accept the new user preference; and 

update the database with the new user preference. 

27. (Withdrawn) A computerized method for managing a plurality of data 
protection rules, comprising: 

receiving and storing the data protection rules and a plurality of corporate policies 
in a database; 

querying a user about a user preference with respect to one or more data 
protection rules stored in the database; 

accepting the user preference; and 
storing the user preference in the database. 

28. (Withdrawn) The computerized method of Claim 27, further comprising: 
querying a user about one or more corporate policies; and 

accepting an acknowledgement from the user, the acknowledgement indicating 
that the user has agreed to the corporate policies. 
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29. (Withdrawn) The computerized method of Claim 28, further comprising 
sending the acknowledgement to a security computerized method database. 

30. (Withdrawn) The computerized method of Claim 27, further comprising: 
accepting a query from a data requester, the query related to a particular set of 

data; 

accessing the database to validate that a permission exists for the data requester; 

accessing the data protection rules, the corporate policies, and the user 
preferences in the database to validate that the particular set of data may be accessed by 
the data requester; and 

generating a response to the query. 

31. (Withdrawn) The computerized method of Claim 30, further comprising 
storing identifying information about the data requester in the database. 

32. (Withdrawn) The computerized method of Claim 30, further comprising 
storing a query result in the database, the query result related to whether the response was 
generated. 

33. (Withdrawn) The computerized method of Claim 27, further comprising: 
receiving a state change of the user; 

comparing the state change to the data protection rules, the corporate policies, and 
the user preferences stored in the database; 

determining whether the state change complies with the data protection rules, the 
corporate policies, and the user preferences; and 

updating the database with the state change. 

34. (Withdrawn) The computerized method of Claim 33, further comprising: 
querying, based on the state change, the user about a new user preference with 

respect to the data protection rules; 

accepting the new user preference; and 

updating the database with the new user preference. 
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35. (Withdrawn) A system for managing a plurality of data protection rules, 
comprising: 

a processor; 

a database coupled to the processor, the database operable to receive and store a 
first set of data protection rules; 

a memory coupled to the processor; 

an impact analysis tool residing in the memory and executable by the processor, 
the impact analysis tool operable to: 

receive a second set of data protection rules; 

compare the second set of data protection rules to the first set of data protection 
rules to determine an impact on existing information; 
notify a data owner of the impact; and 

update the database with the second set of data protection rules. 

36. (Withdrawn) The system of Claim 35, wherein the existing information is 
one or more corporate policies. 

37. (Withdrawn) The system of Claim 36, wherein the impact analysis tool is 
further operable to receive one or more revised corporate policies, and update the 
database with the corporate policies. 

38. (Withdrawn) The system of Claim 35, wherein the existing information is 
one or more managed systems. 

39. (Withdrawn) The system of Claim 38, wherein the impact analysis tool is 
further operable to receive a revised managed system, and update the database with the 
managed system. 



40. (Withdrawn) The system of Claim 35, wherein the existing information is 
one or more user preferences associated with one or more of the second set of data 
protection rules. 
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41. (Withdrawn) The system of Claim 40, wherein the impact analysis tool is 
further operable to: 

query a user about the user preferences; 

accept the user preference; and 

update the database with the user preferences. 

42. (Withdrawn) The system of Claim 35, further comprising an authorization 
management tool residing in the memory and executable by the processor, the 
authorization management tool operable to: 

accept a query from a data requester, the query related to a particular set of data; 
access the database to validate that a permission exists for the data requester; 
access the second set of data protection rules in the database to validate that the 
particular set of data may be accessed by the data requester; and 
generate a response to the query. 

43. (Withdrawn) The system of Claim 42, wherein the authorization 
management tool is further operable to store identifying information about the data 
requester in the database. 

44. (Withdrawn) The system of Claim 42, wherein the authorization 
management tool is further operable to store a query result in the database, the query 
result related to whether the response was generated. 

45. (Withdrawn) The system of Claim 41, further comprising a state change 
tool residing in the memory and executable by the processor, the state change tool 
operable to: 

receive a state change of the user; 

compare the state change to the second set of data protection rules and the user 
preferences stored in the database; 

determine whether the state change complies with the second set of data 
protection rules and the user preferences; and 

update the database with the state change. 
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46. (Withdrawn) A computerized method for managing a plurality of data 
protection rules, comprising: 

receiving and storing a first set of data protection rules; 
receiving a second set of data protection rules; 

comparing the second set of data protection rules to the first set of data protection 
rules to determine an impact on existing information; 
notifying a data owner of the impact; and 

updating the database with the second set of data protection rules. 

47. (Withdrawn) The computerized method of Claim 46, wherein the existing 
information is one or more corporate policies. 

48. (Withdrawn) The computerized method of Claim 47, further comprising 
receiving one or more revised corporate policies and updating the database with the 
corporate policies. 

49. (Withdrawn) The computerized method of Claim 46, wherein the existing 
information is one or more managed systems. 

50. (Withdrawn) The computerized method of Claim 49, further comprising 
receiving a revised managed system and updating the database with the managed system. 

5 1 . (Withdrawn) The computerized method of Claim 46, wherein the existing 
information is one or more user preferences associated with one or more of the second set 
of data protection rules. 

52. (Withdrawn) The computerized method of Claim 5 1 , further comprising: 
querying a user about the user preferences; 

accepting the user preference; and 

updating the database with the user preferences. 
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53. (Withdrawn) The computerized method of Claim 46, further comprising: 
accepting a query from a data requester, the query related to a particular set of 

data; 

accessing the database to validate that a permission exists for the data requester; 
accessing the second set of data protection rules in the database to validate that 
the particular set of data may be accessed by the data requester; and 
generating a response to the query. 

54. (Withdrawn) The computerized method of Claim 53, further comprising 
storing identifying information about the data requester in the database. 

55. (Withdrawn) The computerized method of Claim 53, further comprising 
storing a query result in the database, the query result related to whether the response was 
generated. 

56. (Withdrawn) The computerized method of Claim 52, further comprising: 
receiving a state change of the user; 

comparing the state change to the second set of data protection rules and the user 
preferences stored in the database; 

determining whether the state change complies with the second set of data 
protection rules and the user preferences; and 

updating the database with the state change. 
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57. (Withdrawn) A system for managing a plurality of data protection rules, 
comprising: 

a processor; 

a database coupled to the processor, the database operable to receive and store the 
data protection rules and to receive and store one or more states of an entity; 
a memory coupled to the processor; 

a state change tool residing in the memory and executable by the processor, the 
state change tool operable to: 

receive a state change of the entity; 

compare the state change to the data protection rules stored in the database; 
determine whether the state change complies with the data protection rules; and 
update the database with the state change. 

58. (Withdrawn) The system of Claim 57, wherein the state change tool is 
further operable to notify a data owner of the state change. 

59. (Withdrawn) The system of Claim 57, further comprising an authorization 
management tool residing in the memory and executable by the processor, the 
authorization management tool operable to: 

accept a query from a data requester, the query related to a particular set of data; 
access the database to validate that a permission exists for the data requester; 
access the data protection rules in the database to validate that the particular set of 
data may be accessed by the data requester; and 
generate a response to the query. 

60. (Withdrawn) The system of Claim 59, wherein the authorization 
management tool is further operable to store identifying information about the data 
requester in the database. 



61. (Withdrawn) The system of Claim 59, wherein the authorization 
management tool is further operable to store a query result in the database, the query 
result related to whether the response was generated. 
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62. (Withdrawn) The system of Claim 59, further comprising a user 
acceptance tool residing in the memory and executable by the processor, the user 
acceptance tool operable to: 

query a user about a user preference with respect to the data protection rules; 

accept the user preference; and 

store the user preference in the database. 

63. (Withdrawn) The system of Claim 62, wherein the authorization 
management tool Is further operable to access the user preferences in the database to 
validate that the particular set of data may be accessed by the data requester. 

64. (Withdrawn) A computerized method for managing a plurality of data 
protection rules, comprising: 

receiving and storing the data protection rules in a database; 
receiving and storing one or more states of an entity in the database; 
receiving a state change of the entity; 

comparing the state change to the data protection rules stored in the database; 
determining whether the state change complies with the data protection rules; and 
updating the database with the state change. 

65. (Withdrawn) The computerized method of Claim 64, further comprising 
notifying a data owner of the state change. 

66. (Withdrawn) The computerized method of Claim 64, further comprising: 
accepting a query from a data requester, the query related to a particular set of 

data; 

accessing the database to validate that a permission exists for the data requester; 
accessing the data protection rules in the database to validate that the particular 
set of data may be accessed by the data requester; and 
generating a response to the query. 
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67. (Withdrawn) The computerized method of Claim 66, further comprising 
storing identifying information about the data requester in the database. 

68. (Withdrawn) The computerized method of Claim 66, further comprising 
storing a query result in the database, the query result related to whether the response was 
generated. 

69. (Withdrawn) The computerized method of Claim 66, further comprising: 
querying a user about a user preference with respect to the data protection rules; 
accepting the user preference; and 

storing the user preference in the database. 



70. (Withdrawn) The computerized method of Claim 69, further comprising 
accessing the user preferences in the database to validate that the particular set of data 
may be accessed by the data requester. 
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71. (Withdrawn) A system for managing a plurality of data protection rules, 
comprising: 

a processor; 

a data protection database coupled to the processor, the data protection database 
operable to receive and store a first set of data protection rules; 

a managed system database coupled to the processor, the managed system 
database operable to receive and store managed system information; 

a memory coupled to the processor; 

an audit and compliance tool residing in the memory and executable by the 
processor, the audit and compliance tool operable to: 

extract meta data from the managed system database and store the meta data in 
the data protection database, the meta data associated with the managed system 
information; 

receive a second set of data protection rules; 

compare, by utilizing the meta data, the second set of data protection rules to the 
managed system information to determine if the managed system information complies 
with the second set of data protection rules; 

notify a data owner of one or more results of the comparison; and 

update the data protection database with the second set of data protection rules. 

72. (Withdrawn) The system of Claim 71, wherein the audit and compliance 
tool is further operable to generate a report of the first and second data protection rules. 

73. (Withdrawn) The system of Claim 71, further comprising an impact 
analysis tool residing in the memory and executable by the processor, the impact analysis 
tool operable to: 

receive the second set of data protection rules; 

compare the second set of data protection rules to the first set of data protection 
rules to determine an impact on existing information; 
notify a data owner of the impact; and 

update the data protection database with the second set of data protection rules. 
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74. (Withdrawn) The system of Claim 73, wherein the existing information is 
one or more corporate policies. 

75. (Withdrawn) The system of Claim 74, wherein the impact analysis tool is 
further operable to receive one or more revised corporate policies, and update the data 
protection database with the corporate policies. 

76. (Withdrawn) The system of Claim 73, wherein the existing information is 
one or more user preferences associated with one or more of the second set of data 
protection rules. 

77. (Withdrawn) The system of Claim 76, wherein the impact analysis tool is 
further operable to: 

query a user about the user preferences; 
accept the user preference; and 

update the data protection database with the user preferences. 

78. (Withdrawn) The system of Claim 71, further comprising an authorization 
management tool residing in the memory and executable by the processor, the 
authorization management tool operable to: 

accept a query from a data requester, the query related to a particular set of data; 
access the managed system database to validate that a permission exists for the 
data requester; 

access the second set of data protection rules in the data protection database to 
validate that the particular set of data may be accessed by the data requester; and 
generate a response to the query. 

79. (Withdrawn) The system of Claim 78, wherein the authorization 
management tool is further operable to store identifying information about the data 
requester in the managed system database. 
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80. (Withdrawn) The system of Claim 78, wherein the authorization 
management tool is further operable to store a query result in the managed system 
database, the query result related to whether the response was generated. 

81. (Withdrawn) The system of Claim 77, further comprising a state change 
tool residing in the memory and executable by the processor, the state change tool 
operable to: 

receive a state change of a user; 

compare the state change to the second set of data protection rules and the user 
preferences stored in the data protection database; 

determine whether the state change complies with the second set of data 
protection rules and the user preferences; and 

update the managed system database with the state change. 

82. (Withdrawn) A computerized method for managing a plurality of data 
protection rules, comprising: 

receiving and storing a first set of data protection rules in a data protection 
database; 

receiving and storing managed system information in a managed system database; 

extracting meta data from the managed system database and storing the meta data 
in the data protection database, the meta data associated with the managed system 
information; 

receiving a second set of data protection rules; 

comparing, by utilizing the meta data, the second set of data protection rules to 
the managed system information to determine if the managed system information 
complies with the second set of data protection rules; 

notifying a data owner of one or more results of the comparison; and 

updating the data protection database with the second set of data protection rules. 



ATTORNEY DOCKET NO. 
014208.1465 (93-01-004) 



PATENT APPLICATION 
Serial No. 09/996,099 



20 

83. (Withdrawn) The computerized method of Claim 82, further comprising 
generating a report of the first and second data protection rules. 

84. (Withdrawn) The computerized method of Claim 82, further comprising: 
receiving the second set of data protection rules; 

comparing the second set of data protection rules to the first set of data protection 
rules to determine an impact on existing information; 
notifying a data owner of the impact; and 

updating the data protection database with the second set of data protection rules. 

85. (Withdrawn) The computerized method of Claim 84, wherein the existing 
information is one or more corporate policies. 

86. (Withdrawn) The computerized method of Claim 85, further comprising 
receiving one or more revised corporate policies and updating the data protection 
database with the corporate policies. 

87. (Withdrawn) The computerized method of Claim 84, wherein the existing 
information is one or more user preferences associated with one or more of the second set 
of data protection rules. 

88. (Withdrawn) The computerized method of Claim 87, further comprising: 
querying a user about the user preferences; 

accepting the user preference; and 

updating the data protection database with the user preferences. 
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89. (Withdrawn) The computerized method of Claim 82, further comprising: 
accepting a query from a data requester, the query related to a particular set of 

data; 

accessing the managed system database to validate that a permission exists for the 
data requester; 

accessing the second set of data protection rules in the data protection database to 
validate that the particular set of data may be accessed by the data requester; and 
generating a response to the query. 

90. (Withdrawn) The computerized method of Claim 89, further comprising 
storing identifying information about the data requester in the database. 

91. (Withdrawn) The computerized method of Claim 89, further comprising 
storing a query result in the managed system database, the query result related to whether 
the response was generated. 

92. (Withdrawn) The computerized method of Claim 88, further comprising: 
receiving a state change of a user; 

comparing the state change to the second set of data protection rules and the user 
preferences stored in the data protection database; 

determining whether the state change complies with the second set of data 
protection rules and the user preferences; and 

updating the managed system database with the state change. 
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93. (Withdrawn) A system for managing a plurality of data protection rules, 
comprising: 

a processor; 

a data protection database coupled to the processor, the data protection database 
operable to receive and store the data protection rules; 

a managed system database coupled to the processor, the managed system 
database operable to receive and store a first set of managed system information; 

a memory coupled to the processor; 

an audit and compliance tool residing in the memory and executable by the 
processor, the audit and compliance tool operable to: 

extract meta data from the managed system database and store the meta data in 
the data protection database, the meta data associated with the first set of managed 
system information; 

receive a second set of managed system information; 

compare, by utilizing the meta data, the data protection rules to the second set of 
managed system information to determine if the second set of managed system 
information complies with the data protection rules; 

notify a data owner of one or more results of the comparison; and 
update the managed system database with the second set of managed system 
information. 

94. (Withdrawn) The system of Claim 93, wherein the audit and compliance 
tool is further operable to generate a report of the data protection rules. 

95. (Withdrawn) The system of Claim 93, further comprising an impact 
analysis tool residing in the memory and executable by the processor, the impact analysis 
tool operable to: 

receive the second set of data protection rules; 

compare the second set of data protection rules to the first set of data protection 
rules to determine an impact on existing information; 
notify a data owner of the impact; and 

update the data protection database with the second set of data protection rules. 
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96. (Withdrawn) The system of Claim 95, wherein the existing information is 
one or more corporate policies. 

97. (Withdrawn) The system of Claim 96, wherein the impact analysis tool is 
further operable to receive one or more revised corporate policies, and update the data 
protection database with the corporate policies. 

98. (Withdrawn) The system of Claim 95, wherein the existing information is 
one or more user preferences associated with one or more of the second set of data 
protection rules. 

99. (Withdrawn) The system of Claim 98, wherein the impact analysis tool is 
further operable to: 

query a user about the user preferences; 
accept the user preference; and 

update the data protection database with the user preferences. 

100. (Withdrawn) The system of Claim 93, further comprising an authorization 
management tool residing in the memory and executable by the processor, the 
authorization management tool operable to: 

accept a query from a data requester, the query related to a particular set of data; 
access the managed system database to validate that a permission exists for the 
data requester; 

access the second set of data protection rules in the data protection database to 
validate that the particular set of data may be accessed by the data requester; and 
generate a response to the query. 

101. (Withdrawn) The system of Claim 100, wherein the authorization 
management tool is further operable to store identifying information about the data 
requester in the managed system database. 
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102. (Withdrawn) The system of Claim 100, wherein the authorization 
management tool is further operable to store a query result in the managed system 
database, the query result related to whether the response was generated. 

103. (Withdrawn) The system of Claim 99, further comprising a state change 
tool residing in the memory and executable by the processor, the state change tool 
operable to: 

receive a state change of a user; 

compare the state change to the second set of data protection rules and the user 
preferences stored in the data protection database; 

determine whether the state change complies with the second set of data 
protection rules and the user preferences; and 

update the managed system database with the state change. 

104. (Withdrawn) A system for managing a plurality of data protection rules, 
comprising: 

receiving and storing the data protection rules in a data protection database; 
receiving and storing a first set of managed system information in a managed 
system database; 

extracting meta data from the managed system database and storing the meta data 
in the data protection database, the meta data associated with the first set of managed 
system information; 

receiving a second set of managed system information; 

comparing, by utilizing the meta data, the data protection rules to the second set 
of managed system information to determine if the second set of managed system 
information complies with the data protection rules; 

notifying a data owner of one or more results of the comparison; and 
updating the managed system database with the second set of managed system 
information. 
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105. (Withdrawn) The system of Claim 104, further comprising generating a 
report of the data protection rules. 

106. (Withdrawn) The computerized method of Claim 104, further comprising: 
receiving a second set of data protection rules; 

comparing the second set of data protection rules to the first set of data protection 
rules to determine an impact on existing information; 
notifying a data owner of the impact; and 

updating the data protection database with the second set of data protection rules. 

107. (Withdrawn) The computerized method of Claim 106, wherein the 
existing information is one or more corporate policies. 

108. (Withdrawn) The computerized method of Claim 107, further comprising 
receiving one or more revised corporate policies and updating the data protection 
database with the corporate policies. 

109. (Withdrawn) The computerized method of Claim 106, wherein the 
existing information is one or more user preferences associated with one or more of the 
second set of data protection rules. 

110. (Withdrawn) The computerized method of Claim 109, further comprising: 
querying a user about the user preferences; 

accepting the user preference; and 

updating the data protection database with the user preferences. 



ATTORNEY DOCKET NO. 
014208.1465 (93-01-004) 



PATENT APPLICATION 
Serial No. 09/996,099 



26 



111. (Withdrawn) The computerized method of Claim 104, further comprising: 
accepting a query from a data requester, the query related to a particular set of 

data; 

accessing the managed system database to validate that a permission exists for the 
data requester; 

accessing the data protection rules in the data protection database to validate that 
the particular set of data may be accessed by the data requester; and 
generating a response to the query. 

112. (Withdrawn) The computerized method of Claim 111, further comprising 
storing identifying information about the data requester in the managed system database. 

113. (Withdrawn) The computerized method of Claim 111, further comprising 
storing a query result in the managed system database, the query result related to whether 
the response was generated. 

1 14. (Withdrawn) The computerized method of Claim 1 1 0, further comprising: 
receiving a state change of a user; 

comparing the state change to the second set of data protection rules and the user 
preferences stored in the data protection database; 

determining whether the state change complies with the second set of data 
protection rules and the user preferences; and 

updating the managed system database with the state change. 
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115. (Withdrawn) A system for managing a plurality of data protection rules, 
comprising: 

a processor; 

a data protection database coupled to the processor, the data protection database 
operable to receive and store the data protection rules, a plurality of corporate policies, a 
plurality of permissions generated by a data owner, and one or more states of an entity; 

a managed system database coupled to the processor, the managed system 
database operable to receive and store managed system information; 

a memory coupled to the processor; 

an authorization management tool residing in the memory and executable by the 
processor, the authorization management tool operable to: 

accept a query from a data requester, the query related to a particular set of data; 

access the managed system database to validate that a permission exists for the 
data requester; 

access the data protection rules and the corporate policies in the data protection 
database to validate that the particular set of data may be accessed by the data requester; 
and 

generate a response to the query; 

a user acceptance tool residing in the memory and executable by the processor, 
the user acceptance tool operable to: 

query a user about a user preference with respect to one or more data protection 
rules stored in the data protection database; 

accept the user preference; and 

store the user preference in the data protection database; 

an impact analysis tool residing in the memory and executable by the processor, 
the impact analysis tool operable to: 

receive a new set of data protection rules; 

compare the new set of data protection rules to the data protection rules to 
determine an impact on existing information; 
notify a data owner of the impact; and 

update the data protection database with the new set of data protection rules; 
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a state change tool residing in the memory and executable by the processor, the 
state change tool operable to: 

receive a state change of an entity; 

compare the state change to the data protection rules stored in the data protection 
database; 

determine whether the state change complies with the data protection rules; and 

update the managed system database with the state change; and 

an audit and compliance tool residing in the memory and executable by the 

processor, the audit and compliance tool operable to: 

extract meta data from the managed system database and store the meta data in 

the data protection database, the meta data associated with the managed system 

information; 

receive the new set of data protection rules; 

compare, by utilizing the meta data, the new set of data protection rules to the 
managed system information to determine if the managed system information complies 
with the new set of data protection rules; 

notify the data owner of one or more results of the comparison; and 

update the data protection database with the new set of data protection rules. 



